From fcb6a4aa96e14818f279f812afe5ad6a5c659b33 Mon Sep 17 00:00:00 2001
From: Kumi
Date: Tue, 16 Jul 2024 07:51:01 +0200
Subject: [PATCH] fix(proxy): validate URL to prevent invalid inputs

Added a URL validation check in the proxy endpoint to ensure the URL starts with "https://upload.wikimedia.org/". This prevents potential misuse or errors caused by processing invalid URLs. Ensures only acceptable and expected URLs are processed, improving security and stability.
---
 app.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app.py b/app.py
index 7e3642a..2ef47f8 100644
--- a/app.py
+++ b/app.py
@@ -27,6 +27,10 @@ def get_proxy_url(url):
 @app.route("/proxy")
 def proxy():
 url = request.args.get("url")
+
+ if not url or not url.startswith("https://upload.wikimedia.org/"):
+ return "Invalid URL"
+
 with urllib.request.urlopen(url) as response:
 data = response.read()
 return data
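Review bot: The new prefix check in `proxy()` validates only the URL of the first request, while `urllib.request.urlopen(url)` on the next line follows HTTP redirects by default, so the host that is finally fetched is never compared with the allowlist. Either refuse redirects or re-validate each hop in a custom redirect handler, and pass a `timeout=` to the call so a slow upstream cannot hold a worker open. Parsing with `urllib.parse.urlsplit` and comparing `scheme == "https"` and `hostname == "upload.wikimedia.org"` exactly would be sturdier than a string prefix. The rejection branch should also signal failure, `return "Invalid URL", 400`, so clients and log monitoring can tell a refused request from a proxied one. Separately, the unchanged `return data` appears to send upstream bytes with the framework's default content type; setting it explicitly from the upstream response is worth considering.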